Attacks that cause a hosted application to operate in unexpected or unpredictable ways, can result in private data either leaking out through HTTP responses or logs.
Server-Side VulnerabilitiesSQL Injection
SQL injection attacks take advantage of improper sanitization of user input, to execute unplanned SQL statements against a database. This can result in leaking of private information, or potentially, total destruction of the database.
Server-Side VulnerabilitiesATTACK: SQL Injection
Identify and exploit a SQL injection vulnerability in the online banking example app.
Server-Side VulnerabilitiesDEFEND: SQL Injection
Alter the online banking app so that user input is sanitized. Now, your SQL injection attack should no longer cause private data to be disclosed.
Server-Side VulnerabilitiesTiming Attacks
Timing attacks, aim to get information out of a secure system by analyzing the time taken to perform certain operations -- usually the time that's related to the implementation of an encryption algorithm or other security measures.
Server-Side VulnerabilitiesATTACK: Timing
Use a database of potential users, analyze login attempts to determine the users for which the password is actually evaluated, vs the users where the system doesn't bother checking at all (i.e., non-user or disabled user).
Server-Side VulnerabilitiesDEFEND: Timing
Use a "dummy evaluation" to mitigate against a timing attack. Your solution to the previous exercise should have inconclusive results now.